Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/g5qUY9x4851tWI81eMIH6wTyI4U.roa
File:                     g5qUY9x4851tWI81eMIH6wTyI4U.roa (raw, json)
Hash identifier:          1kGcwxbPb9ebmQ5B4RdgLn4bhuW6stHAuNtpKdTKFiA=
Subject key identifier:   83:9A:94:63:DC:78:F3:9D:6D:58:8F:35:78:C2:07:EB:04:F2:23:85
Certificate issuer:       /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial:       018CC2DB0ECB91831C17C78B970C6CE3A87D
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/g5qUY9x4851tWI81eMIH6wTyI4U.roa
Signing time:             Mon 01 Jan 2024 02:29:45 +0000
ROA not before:           Mon 01 Jan 2024 02:29:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49181
IP address blocks:        176.96.226.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:0e:cb:91:83:1c:17:c7:8b:97:0c:6c:e3:a8:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
        Validity
            Not Before: Jan  1 02:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=839a9463dc78f39d6d588f3578c207eb04f22385
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:08:09:96:92:d5:36:5d:70:25:cd:ef:bb:a5:
                    97:8f:7d:d5:f7:4a:5a:ec:52:c3:6e:7c:e4:8f:27:
                    4d:6c:f3:81:0c:4e:1f:88:91:db:3d:be:e8:52:01:
                    37:9c:3d:40:e1:25:ef:62:cd:e5:28:87:10:70:6e:
                    23:28:2d:51:3e:ca:9e:d3:4a:e3:21:ad:31:c8:29:
                    e2:b1:96:c1:46:d2:5f:27:cd:10:53:bc:95:cc:e8:
                    df:bb:b9:3d:b8:0e:a5:61:9a:78:57:88:33:7f:04:
                    ed:85:36:a4:df:98:eb:e4:d9:4c:9c:67:8b:dd:6d:
                    06:9a:f2:78:81:ae:3a:48:ce:2f:0e:d6:5b:28:8d:
                    3e:71:2b:61:58:10:ce:5f:72:77:85:f4:4d:7f:99:
                    27:a0:b0:63:24:c6:1d:65:86:0a:04:7f:a3:ce:17:
                    ff:0a:12:f7:d6:cb:12:2a:fa:cf:d5:d7:24:61:f0:
                    9e:cb:f6:e0:28:8b:1b:0d:e6:f3:7a:78:1d:e8:96:
                    24:65:c9:56:de:24:14:97:87:cd:bb:96:66:62:ba:
                    31:3b:29:18:81:e4:5a:e5:bd:ab:1e:92:01:67:7d:
                    90:33:9d:3f:5d:4e:18:9a:a6:7b:5d:bb:fc:aa:61:
                    b3:6a:d1:de:9d:fc:89:3c:68:aa:96:be:c7:f4:0f:
                    98:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:9A:94:63:DC:78:F3:9D:6D:58:8F:35:78:C2:07:EB:04:F2:23:85
            X509v3 Authority Key Identifier:
                keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/g5qUY9x4851tWI81eMIH6wTyI4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.96.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:ed:46:dc:f6:d0:78:3b:f4:41:29:7e:fe:29:98:48:c6:4f:
         96:d8:9a:ee:05:6f:75:cd:01:d2:0c:34:af:8c:f2:c4:89:7d:
         92:1e:6f:43:01:4f:7b:92:be:df:9f:4d:e9:2e:8c:f0:e7:53:
         05:f2:5d:09:27:8b:a9:49:3e:18:fe:93:56:a0:f8:df:3b:9a:
         00:ff:b5:8c:f4:61:23:ca:bc:db:c4:b9:93:a1:22:77:b8:8e:
         e1:4d:bc:40:18:72:4d:c0:46:78:92:ad:4b:95:cb:92:73:95:
         b4:48:36:3e:eb:39:f3:63:a4:56:77:cd:9e:bd:ee:1b:e4:60:
         5e:ab:bc:d2:0e:63:50:96:de:29:e5:9d:d2:cf:7f:12:59:bc:
         e8:97:e8:f0:30:f1:ac:36:d5:f5:93:fc:5f:12:36:d8:8c:fb:
         66:aa:15:6c:7e:de:96:d4:ee:0c:34:08:5b:a5:d9:aa:88:2a:
         43:7c:2c:72:a3:81:c8:98:17:06:3e:c8:fb:99:a6:7e:e0:e0:
         25:39:9b:82:af:13:d1:e3:6c:f7:b5:87:6b:3a:4f:a1:2e:07:
         63:b4:a0:b0:f1:b0:75:37:8f:17:b3:81:7d:c2:a6:00:92:66:
         15:10:02:62:ff:42:d8:b1:3e:11:60:05:6e:e6:4e:ab:0e:eb:
         03:3e:3a:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2w7LkYMcF8eLlwxs46h9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDhkYjQzOTY0YjY5ODZlYzc0MGYwYjVlMzNmNjI3NTg5
YWM1NjAwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzlhOTQ2M2RjNzhmMzlkNmQ1ODhmMzU3OGMyMDdlYjA0ZjIyMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowgJlpLVNl1wJc3vu6WXj33V90pa
7FLDbnzkjydNbPOBDE4fiJHbPb7oUgE3nD1A4SXvYs3lKIcQcG4jKC1RPsqe00rj
Ia0xyCnisZbBRtJfJ80QU7yVzOjfu7k9uA6lYZp4V4gzfwTthTak35jr5NlMnGeL
3W0GmvJ4ga46SM4vDtZbKI0+cSthWBDOX3J3hfRNf5knoLBjJMYdZYYKBH+jzhf/
ChL31ssSKvrP1dckYfCey/bgKIsbDebzengd6JYkZclW3iQUl4fNu5ZmYroxOykY
geRa5b2rHpIBZ32QM50/XU4YmqZ7Xbv8qmGzatHenfyJPGiqlr7H9A+YeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOalGPcePOdbViPNXjCB+sE8iOFMB8GA1UdIwQY
MBaAFKYI20OWS2mG7HQPC14z9idYmsVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQt
ZDY0NjgzY2VlMTZmLzEvZzVxVVk5eDQ4NTF0V0k4MWVNSUg2d1R5STRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQtZDY0NjgzY2VlMTZm
LzEvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGDiMA0G
CSqGSIb3DQEBCwUAA4IBAQCP7Ubc9tB4O/RBKX7+KZhIxk+W2JruBW91zQHSDDSv
jPLEiX2SHm9DAU97kr7fn03pLozw51MF8l0JJ4upST4Y/pNWoPjfO5oA/7WM9GEj
yrzbxLmToSJ3uI7hTbxAGHJNwEZ4kq1LlcuSc5W0SDY+6znzY6RWd82eve4b5GBe
q7zSDmNQlt4p5Z3Sz38SWbzol+jwMPGsNtX1k/xfEjbYjPtmqhVsft6W1O4MNAhb
pdmqiCpDfCxyo4HImBcGPsj7maZ+4OAlOZuCrxPR42z3tYdrOk+hLgdjtKCw8bB1
N48Xs4F9wqYAkmYVEAJi/0LYsT4RYAVu5k6rDusDPjrv
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:25:25 2024 by rpki-client on console-fra.rpki-client.org